phpMyAdmin 4.7.x and 4.8.x versions prior to 4.8.4 are affected by a series of CSRF flaws. By deceiving a user into clicking on a crafted URL, it is possible to perform harmful SQL operations such as renaming databases, creating new tables/routines, deleting designer pages, adding/deleting users, updating user passwords, killing SQL processes, etc.
CPE | Name | Operator | Version |
---|---|---|---|
phpmyadmin | eq | RELEASE_4_8_1 | |
phpmyadmin | eq | RELEASE_4_8_0 | |
phpmyadmin | eq | RELEASE_4_8_2 | |
phpmyadmin | eq | RELEASE_4_8_3 | |
phpmyadmin | eq | RELEASE_4_8_0_1 |